In a lakehouse environment where datasets are continuously updated, what is the best strategy for rotating encryption keys without affecting data availability or integrity?

Real Exam

Implement an application-layer solution that gradually re-encrypts data with new keys over time, tracking encryption status in a metadata store.

8.8%

Use a key management service (KMS) that supports automatic key rotation and seamlessly re-encrypts data with new keys without downtime.

77.2%

Manually rotate encryption keys yearly, re-encrypting all data overnight during low-usage periods to minimize impact.

1.8%

Establish a routine process where new data is encrypted with a new key while old data remains with the legacy key until it is phased out or re-encrypted during scheduled maintenance.

12.3%

Databricks Certified Data Engineer - Professional

Get started today

Comments

In a lakehouse environment where datasets are continuously updated, what is the best strategy for rotating encryption keys without affecting data availability or integrity?